U.S. patent number 7,385,948 [Application Number 11/804,493] was granted by the patent office on 2008-06-10 for determining the state of a station in a local area network.
This patent grant is currently assigned to Airmagnet, Inc.. Invention is credited to Dean Au, Chia-Chee Kuan, Miles Wu.
United States Patent |
7,385,948 |
Kuan , et al. |
June 10, 2008 |
Determining the state of a station in a local area network
Abstract
In a wireless local area network, transmissions exchanged
between a station and an access point is received using a detector
located adjacent to the station. The received transmissions are
analyzed to determine the state of the station, where the state of
the station indicates whether the station has authenticated and/or
associated with the access point in the wireless local area
network.
Inventors: |
Kuan; Chia-Chee (Los Altos,
CA), Wu; Miles (Fremont, CA), Au; Dean (Sunnyvale,
CA) |
Assignee: |
Airmagnet, Inc. (Sunnyvale,
CA)
|
Family
ID: |
38533273 |
Appl.
No.: |
11/804,493 |
Filed: |
May 17, 2007 |
Prior Publication Data
|
|
|
|
Document
Identifier |
Publication Date |
|
US 20070223418 A1 |
Sep 27, 2007 |
|
Related U.S. Patent Documents
|
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
Issue Date |
|
|
10408013 |
Apr 3, 2003 |
|
|
|
|
Current U.S.
Class: |
370/328; 370/242;
370/252; 370/312; 370/338; 370/352; 455/41.2; 455/411; 455/414.1;
455/426.2; 455/461 |
Current CPC
Class: |
H04L
63/08 (20130101); H04W 12/06 (20130101); H04W
48/16 (20130101); H04W 84/12 (20130101); H04W
88/08 (20130101); H04W 92/10 (20130101) |
Current International
Class: |
H04Q
7/00 (20060101) |
Field of
Search: |
;370/328,338,312,352
;455/426.2,411,518 |
References Cited
[Referenced By]
U.S. Patent Documents
Other References
Supplementary European Search Report mailed Jun. 13, 2006, for
European application No. 03719629, filed Apr. 3, 2003, 2 pages.
cited by other .
Graham, Robert (Apr. 15, 2000) "Sniffing (network wiretap, sniffer)
FAQ," downloaded from www.robertgraham.com/pubs/sniffing-faq.html,
46 pages. cited by other .
International Preliminary Examination Report mailed on Dec. 16,
2003, for PCT patent application No. PCT/US03/10626 filed Apr. 3,
2003, 4 pages. cited by other .
Shiann-Tsong Sheu et al., "Dynamic Access Point Approach (DAPA) for
IEEE 802.11 Wireless LANs", IEEE 1999, vol. 5, pp. 2646-2650. cited
by other.
|
Primary Examiner: Milord; Marceau
Attorney, Agent or Firm: Blakley, Sokoloff, Taylor &
Zafman LLP
Parent Case Text
PRIORITY
This is a continuation of application Ser. No. 10/408,013, filed on
Apr. 3, 2003, entitled "Determining the State of a Station in a
Local Area Network," assigned to the corporate assignee of the
present invention and incorporated herein by reference.
CROSS REFERENCE TO RELATED APPLICATION
This application claims the benefit of an earlier filed provisional
application U.S. Provisional Application Ser. No. 60/370,996,
entitled DETERMINING THE STATE OF A STATION IN A LOCAL AREA
NETWORK, filed on Apr. 8, 2002, the entire content of which is
incorporated herein by reference.
Claims
We claim:
1. A method of determining the state of a station in a wireless
local area network, wherein the state of the station indicates
whether the station has authenticated and/or associated with an
access point in the wireless local area network, the method
comprising: receiving transmissions exchanged between the station
and the access point using a detector located adjacent to the
station, wherein the transmissions are exchanged over the wireless
local area network; analyzing the received transmissions to
determine the state of the station and determining the state of the
station based on the analyzing, wherein the state of the station at
least indicates whether the station is authenticated to the access
point.
2. The method of claim 1, wherein analyzing comprises: examining a
received transmission; and determining an indicative state of the
station associated with the received transmission.
3. The method of claim 1, wherein the transmissions exchanged
between the station and the access point comply with an extensible
authentication protocol over local area networks (EAPOL)
protocol.
4. The method of claim 1, wherein the state of the station further
indicates whether the station is associated with the access
point.
5. An apparatus for determining the state of a station in a
wireless local area network, wherein the state of the station
indicates whether the station has authenticated and/or associated
with an access point in the wireless local area network, the
apparatus comprising: a detector configured to: receive
transmissions exchanged between the station and the access point
when the detector is located adjacent to the station; analyze the
received transmissions to determine the state of the station; and
determine the state of the static based on the analyzing, wherein
the state of the station at least indicates whether the station is
authenticated to the access point.
6. The apparatus of claim 5, wherein the transmissions exchanged
between the station and the access point comply with an extensible
authentication protocol over local area networks (EAPOL)
protocol.
7. The apparatus of claim 5, wherein the detector is configured to
receive transmissions by: scanning a plurality of channels used in
the wireless local area network, wherein the station is rebooted if
no transmissions are received during a scan of the plurality of
channels.
8. The apparatus of claim 5, wherein the state of the station
further indicates whether the station is associated with the access
point.
9. A computer-readable storage medium containing computer
executable code to determine the state of a station in a wireless
local area network, wherein the state of the station indicates
whether the station has authenticated and/or associated with an
access point in the wireless local area network, by instructing a
computer to operate as follows: receiving transmissions exchanged
between the station and the access point; analyzing the received
transmissions to determine the state of the station; and
determining state of the station based on the analyzing, wherein
the state of the station at least indicates whether the Station is
authenticated to the access point.
10. The computer-readable storage medium of claim 9, wherein the
transmissions exchanged between the station and the access point
comply with an extensible authentication protocol over local area
networks (EAPOL) protocol.
11. The computer-readable storage medium of claim 9, wherein
receiving comprises: scanning a plurality of channels used in the
wireless local area network, wherein the station is rebooted if no
transmissions are received during a scan of the plurality of
channels.
12. The computer-readable medium of claim 9, wherein the state of
the station further indicates whether the station is associated
with the access point.
Description
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention generally relates to wireless local area
networks. More particularly, the present invention relates to
determining the state of a station in a wireless local area
network.
2. Description of the Related Art
Computers have traditionally communicated with each other through
wired local area networks ("LANs"). However, with the increased
demand for mobile computers such as laptops, personal digital
assistants, and the like, wireless local area networks ("WLANs")
have developed as a way for computers to communicate with each
other through transmissions over a wireless medium using radio
signals, infrared signals, and the like.
In order to promote interoperability of WLANs with each other and
with wired LANs, the IEEE 802.11 standard was developed as an
international standard for WLANs. Generally, the IEEE 802.11
standard was designed to present users with the same interface as
an IEEE 802 wired LAN, while allowing data to be transported over a
wireless medium.
In accordance with the IEEE 802.11 standard, a station is
authenticated and associated with an access point in the WLAN
before obtaining service from the access point. During this
authentication and association process, the station proceeds
through 3 stages or states (i.e., State 1, State 2, and State 3 ).
In State 1, the station is unauthenticated and unassociated. In
state 2, the station is authenticated but unassociated. In State 3,
the station is authenticated and associated. If a station is having
difficulty obtaining service from an access point, determining the
state of the station can assist in trouble shooting the
problem.
SUMMARY OF THE INVENTION
In one embodiment of the present invention, in a wireless local
area network, transmissions exchanged between a station and an
access point is received using a detector located adjacent to the
station. The received transmissions are analyzed to determine the
state of the station, where the state of the station indicates
whether the station has authenticated and/or associated with the
access point in the wireless local area network.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention can be best understood by reference to the
following detailed description taken in conjunction with the
accompanying drawing figures, in which like parts may be referred
to by like numerals:
FIG. 1 shows an exemplary Open Systems Interconnection (OSI) seven
layer model;
FIG. 2 shows an exemplary extended service set in a wireless local
area network ("WLAN");
FIG. 3 is an exemplary flow diagram illustrating various states of
stations in a WLAN;
FIG. 4 shows an exemplary embodiment of an access point and a
station exchanging transmissions; and
FIG. 5 shows another exemplary embodiment of an access point and a
station exchanging transmissions.
DETAILED DESCRIPTION OF THE PRESENT INVENTION
In order to provide a more thorough understanding of the present
invention, the following description sets forth numerous specific
details, such as specific configurations, parameters, examples, and
the like. It should be recognized, however, that such description
is not intended as a limitation on the scope of the present
invention, but is intended to provide a better description of the
exemplary embodiments.
With reference to FIG. 1, an exemplary Open Systems Interconnection
(OSI) seven layer model is shown, which represents an abstract
model of a networking system divided into layers according to their
respective functionalities. In particular, the seven layers include
a physical layer corresponding to layer 1, a data link layer
corresponding to layer 2, a network layer corresponding to layer 3,
a transport layer corresponding to layer 4, a session layer
corresponding to layer 5, a presentation layer corresponding to
layer 6, and an application layer corresponding to layer 7. Each
layer in the OSI model only interacts directly with the layer
immediately above or below it.
As depicted in FIG. 1, different computers can communicate directly
with each other only at the physical layer. However, different
computers can effectively communicate at the same layer using
common protocols. For example, one computer can communicate with
another computer at the application layer by propagating a frame
from the application layer through each layer below it until the
frame reaches the physical layer. The frame can then be transmitted
to the physical layer of another computer and propagated through
each layer above the physical layer until the frame reaches the
application layer of that computer.
The IEEE 802.11 standard for wireless local area networks ("WLANs")
operates at the data link layer, which corresponds to layer 2 of
the OSI seven layer model, as described above. Because IEEE 802.11
operates at layer 2 of the OSI seven layer model, layers 3 and
above can operate according to the same protocols used with IEEE
802 wired LANs. Furthermore, layers 3 and above can be unaware of
the network actually transporting data at layers 2 and below.
Accordingly, layers 3 and above can operate identically in the IEEE
802 wired LAN and the IEEE 802.11 WLAN. Furthermore, users can be
presented with the same interface, regardless of whether a wired
LAN or WLAN is used.
With reference to FIG. 2, an example of an extended service set,
which forms a WLAN according to the IEEE 802.11 standard, is
depicted having three basic service sets ("BSS"). Each BSS can
include an access point ("AP") and one or more stations. A station
is a component that can be used to connect to the WLAN, which can
be mobile, portable, stationary, and the like, and can be referred
to as the network adapter or network interface card. For instance,
a station can be a laptop computer, a personal digital assistant,
and the like. In addition, a station can support station services
such as authentication, deauthentication, privacy, delivery of
data, and the like.
Each station can communicate directly with an AP through an air
link, such as by sending a radio or infrared signal between WLAN
transmitters and receivers. Each AP can support station services,
as described above, and can additionally support distribution
services, such as association, disassociation, distribution,
integration, and the like. Accordingly, an AP can communicate with
one or more stations within its BSS, and with other APs through a
medium, typically called a distribution system, which forms the
backbone of the WLAN. This distribution system can include both
wireless and wired connections.
With reference to FIGS. 2 and 3, under the current IEEE 802.11
standard, each station must be authenticated to and associated with
an AP in order to become a part of a BSS and receive service from
an AP. Accordingly, with reference to FIG. 3, a station begins in
State 1, where the station is unauthenticated to and unassociated
with an AP. In State 1, the station can only use a limited number
of frame types, such as frame types that can allow the station to
locate and authenticate to an AP, and the like.
If a station successfully authenticates to an AP, then the station
can be elevated to State 2, where the station is authenticated to
and unassociated with the AP. In State 2 , the station can use a
limited number of frame types, such as frame types that can allow
the station to associate with an AP, and the like.
If a station then successfully associates or reassociates with an
AP, then the station can be elevated to State 3, where the station
is authenticated to and associated with the AP. In State 3, the
station can use any frame types to communicate with the AP and
other stations in the WLAN. If the station receives a
disassociation notification, then the station can be transitioned
to State 2. Furthermore, if the station then receives a
deauthentication notification, then the station can be transitioned
to State 1. Under the IEEE 802.11 standard, a station can be
authenticated to different APs simultaneously, but can only be
associated with one AP at any time.
With reference again to FIG. 2, once a station is authenticated to
and associated with an AP, the station can communicate with another
station in the WLAN. In particular, a station can send a message
having a source address, a basic service set identification address
("BSSID"), and a destination address, to its associated AP. The AP
can then distribute the message to the station specified as the
destination address in the message. This destination address can
specify a station in the same BSS, or in another BSS that is linked
to the AP through the distribution system.
Although FIG. 2 depicts an extended service set having three BSSs,
each of which include three stations, an extended service set can
include any number of BSSs, which can include any number of
stations.
As described above, according to the current IEEE 802.11 standard,
a station is authenticated and associated with an AP to become a
part of a BSS and thus obtain service. As also described above, the
steps in the authentication and association process is categorized
into 3 states (i.e., State 1, State 2, and State 3 ). Determining
the state of a station can be desirable, particularly in analyzing
problems that the station may be experiencing in obtaining
service.
For example, with reference to FIG. 4, assume that a station is
having difficulty in obtaining service from an AP. Determining if
the station is able to reach State 1, State 2, or State 3 can
assist in trouble shooting the problem.
Thus, a detector can be located in the WLAN such that the detector
can receive transmissions sent from and received by the station.
Note that the detector need not necessarily be physically adjacent
the station. Instead, the detector can be sufficiently near or
adjacent the station such that the reception range of the detector
covers the station.
By examining the transmissions sent from and received by the
station, the detector can determine the state of the station. More
particularly, different types of transmissions can be identified as
being indicative of different states. For example, in the following
table are different types of transmissions and the state that they
indicate:
TABLE-US-00001 TABLE 1 Type of Transmission State Probe Request
Transmitted by Station 1 Probe Response Transmitted by AP 1
Authentication Request Transmitted by 1 Station Authentication
Response w/ Challenge 1 Text Transmitted by AP Authentication
Challenge Response 1 Transmitted by Station Authentication Final
Response 1 - on negative Transmitted by AP response 2 - on positive
response Deauthentication Transmitted by AP 1 Disassociation
Transmitted by AP 1 Association Request Transmitted by 2 Station
Association Response Transmitted by 2 - on negative Station
response 3 - on positive response Higher Layer Protocol Data
Transmitted 3 by Station or AP
Thus, when a transmission sent to or from the station is received,
the detector examines the transmission to determine if the
transmission is one of the types of transmissions listed above. If
it is, then the detector can determine the state of the station
that received or sent the transmission.
For example, if the detector receives a probe request frame sent by
the station, then the detector can determine that the station is at
State 1. If the detector receives a probe response frame sent by
the AP to the station, then the detector can determine that the
station is at State 1. If the station receives a data frame, which
is a higher layer protocol data, sent by the station or received by
the station, then the detector can determine that the station is at
State 3.
The detector can also be configured to display the types of
transmissions as a checklist. For example, the following checklist
can be displayed:
TABLE-US-00002 TABLE 2 Beacon received by Station Probe request
sent by Station Probe response received by Station Auth. request
sent by Station Auth. challenge received by Station Auth. challenge
response received by Station Auth. final response received by
Station Assoc. request sent by Station Assoc. response received by
Station Data sent by Station Data received by Station
When one of the transmissions on the list is detected, then that
type of transmission is marked. For example, if an authorization
request sent by the station is received, the detector can "check
off" the "Auth. request sent" line from above. In this manner, the
user of the detector, such as an administrator of the WLAN or a
trouble-shooter, can more easily determine the state of the
station.
Additionally, as will be explained below, a station can use one or
more channels. As such, a separate checklist can be provided for
each of the available channels.
With reference to FIG. 5, as described above, before a station can
receive service from an AP, the station must be authenticated. In
order to increase security, an authentication protocol can be
implemented in a WLAN environment, such as the extensible
authentication protocol over LANs (EAPOL) protocol in accordance
with the IEEE 802.1x standard.
In accordance with the current EAPOL protocol, a station wanting to
be authenticated, which is referred to as a supplicant, is
authenticated using an authentication server, such as a remote
authentication dial in user service (RADIUS) server. As depicted in
FIG. 5, the station communicates with the AP, and the AP, which is
referred to as the authenticator, communicates with the
authentication server to authenticate the station.
During the authentication process, the station, AP, and
authentication server exchange a number of transmissions. More
specifically, in one exemplary mode of operation, the AP sends an
"EAP-Request/Identity" transmission to the station. The station
then sends an "EAP-Response/Identity" transmission to the AP. The
AP then sends the received "EAP-Response/Identity" transmission to
the authentication server. In response, the authentication server
sends a challenge to the AP, such as with a token password system.
The AP sends the challenge to the station as a credential request.
The station sends a response to the credential request to the AP.
The AP sends the response to the authentication server. If the
response from the station is proper, the authentication server
sends an "EAP-Success" transmission to the AP, which sends the
package to the station. If the response is improper, the
authentication server sends an "EAP-Failure" transmission to the
AP, which sends the transmission to the station. It should be
recognized that the number and types of transmissions exchanged
between the station, AP, and authentication server can vary
depending on the implemented mode of operation.
As described above, in one exemplary embodiment, a detector can be
located in the WLAN such that the detector can receive
transmissions sent from and received by the station. Again, note
that the detector need not necessarily be physically adjacent the
station. Instead, the detector can be sufficiently near the station
such that the reception range of the detector covers the
station.
By examining the transmissions sent from and received by the
station, the detector can determine the state of the station. More
specifically, the detector can receive the transmissions exchanged
between the station and the AP during the authentication process
described above in accordance with the EAPOL protocol. The detector
can then determine the state of the station based on the received
transmissions. More particularly, because the EAPOL transactions
occur in state 3 as 802.11 data, the station can be determined as
being in state 3.
Additionally, the detector can also be configured to display the
types of transmissions as a checklist. For example, the following
checklist can be displayed:
TABLE-US-00003 TABLE 3 802.1X initiated sent by Station Identity
request sent by Station Identity response received by Station
Credential request sent by Station Credential response received by
Station 802.1X authentication OK by Station 802.1X authentication
failed by Station De-authentication sent by Station Data sent by
Station Data received by Station
When one of the transmissions on the list is detected, then that
type of transmission is marked. For example, if an
"EAP-Request/Identity" package sent by the AP is received, the
detector can "check off" the "Identity request sent" line from
above. In this manner, the user of the detector, such as an
administrator of the WLAN or a trouble-shooter, can more easily
determine the state of the station.
Additionally, as will be explained below, a station can use one or
more channels. As such, a separate checklist can be provided for
each of the available channels.
To identify the transmissions sent from and received by the
station, the detector obtains the MAC address of the station, which
can be obtained from the source and destination address fields of
the transmitted frames. The MAC address can also be obtained
directly from the station. Alternatively, the MAC address of the
station can be stored and retrieved from a table of MAC address
assignments, which can be maintained by an administrator of the
WLAN.
Additionally, if a particular AP that the station is attempting to
communicate is known, the particular channel that the AP is
operating on can then be monitored. If the station is attempting to
communicate with multiple APs and the identity of those APs are
known, then the particular channels that those APs are operating on
can then be monitored.
Furthermore, the detector can scan the channels of the wireless
local area network to receive transmissions sent from and received
by the station with known or unknown APs. As described above, in
the current implementation of the IEEE 802.11 standard, a total of
11 channels are used in the US, 13 channels are used in Europe, and
14 channels are used in Japan. For the sake of convenience, the
following description will assume that the detector and the WLAN
are located in the U.S. However, note that the detector can be
configured to operate with any number of channels and in various
countries.
In one configuration, the detector is configured to begin scanning
by monitoring channel 1, then scan down each of the remaining 10
channels. If a station is having difficulty obtaining service, it
will typically switch channels and repeat the association attempt
therefore repeating the association failure scenario. A station can
continuously cycle through the channels in an effort to obtain
service. As such, the detector is configured to monitor a
particular channel for a sufficient amount of time so that the
station can complete one or more cycles. For example, the detector
can be configured to monitor each channel for about 3 seconds.
If no transmissions are detected after scanning all of the
channels, then the station is rebooted. As described above, a
station can be configured to cycle repeatedly through the channels
in an attempt to obtain service. However, a station can also be
configured to only attempt one cycle and to stop after the last
channel has been attempted. When the station is rebooted, it
typically begins operating on channel 1. As such, by rebooting the
station and monitoring on channel 1, a transmission sent to or
received by the station can be detected. However, a station can
take some time to reboot, typically a few seconds. As such, the
detector is configured to monitor channel 1 for a longer duration
than the other channels. For example, in one configuration, the
detector is configured to monitor channel 1 for a period of 30
seconds.
As described above, the detector can scan the available channels in
the WLAN. Alternatively, specific channels can be selected to be
scanned. Although the detector scans the channels, it passively
receives the transmissions, meaning that it does not broadcast
signals on the WLAN. This has the advantage that additional
bandwidth on the WLAN is not consumed.
The detector can be a station in the wireless local area network.
Additionally, the detector can be mobile, portable, stationary, and
the like. For instance, the detector can be a laptop computer, a
personal digital assistant, and the like. In addition, the detector
can be used by a user as a diagnostic tool, by an administrator as
an administrative tool, and the like.
Although the present invention has been described with respect to
certain embodiments, examples, and applications, it will be
apparent to those skilled in the art that various modifications and
changes may be made without departing from the invention.
* * * * *
References